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STORAGE MEDIUM 

(57)Abstract: 

PROBLEM TO BE SOLVED: To provide an access management system and a 
managing method for a smart cardwhich give an authentication permission to each 
application (process) in regard to accesses by a plurality of applications. 
SOLUTION: The applications 21 including a plurality of pieces of access processing to 
the smart card make an exclusion acquisition request to an exclusion control 
mechanism 1 1 at the time of making an access request to the smart card 22 in each 
access processing and requests access to an access control mechanism 12 when the 
applications 21 obtain exclusion. The mechanism 12 requests an input of a 
PIN(personal identification number) when the concerved application 21 is not 
authenticatedand allows the application 21 to access the smart card 22 when the 
application 21 has already obtained authentication. The application 21 performs 
exclusion acquisition request/release in an access processing unit. 



CLAIMS 



[Claim(s)] 

[Claim 1]An access control system of a smart card which manages access to a smart 
card by two or more applications characterized by comprising the following. 
An exclusive control means which will be made finishing [ exclusion acquisition of this 
application ] if a logical channel [ finishing / a logical channel / exclusion acquisition ] 
exists in this smart card with other applications to an exclusion acquisition request to 
a smart card from application. 

As opposed to an access request to said smart card from application [ finishing / 
application / exclusion acquisition ]An access control means to which access to this 
smart card is permitted to application [ finishing / application / this exclusion 
acquisition ] when application [ finishing / application / this exclusion acquisition ] is 
already attested from this smart card. 

[Claim 2]If a logical channel [ finishing / a logical channel / exclusion acquisition ] 
does not exist in this smart card with other applications to an exclusion acquisition 
request to a smart card from applicationsaid exclusive control meansThe access 
control system according to claim 1 registering into cue application which performed 
this exclusion acquisition request. 

[Claim 3]The access control system according to claim 1 or 2 characterized by 
refusing a demand of this application when said access control means has not 
attested application which gained said exclusion from said smart card to said access 
request. 

[Claim 4]An access control system given in any 1 of claims 1 thru/or 3 when said 
access control means is extracted [ said smart card ] from a smart card 
readerwherein it changes application [ finishing / application / attestation ] into un- 
attesting with this ******** smart card. 

[Claim 5]When said application carries out multiple-times access at said smart 
cardAn access control system given in any 1 of claims 1 thru/or 4 carrying out said 
exclusion acquisition request to said exclusive control means at the time of a start of 
each accessand carrying out a notice of release of exclusion to said exclusive control 
means at the time of an end of this access of each. 

[Claim 6]To an exclusion acquisition request to a smart card from applicationwith 
other applicationsif this smart card is already ending with exclusion acquisitionsaid 
exclusive control meansThe access control system according to claim 5 using 
finishing [ exclusion acquisition of application which registers into cue application 
which performed this exclusion acquisition requestand is registered into said cue to a 
notice of release of exclusion from said application ]. 

[Claim 7]Said access control means receives a notice of attestation release of a 
smart card from applicationAn access control system given in any 1 of claims 1 
thru/or 6wherein this attestation release requires attestation release of this smart 
card with this smart card at the time from the last application [ finishing / the 



application / attestation ]. 

[Claim 8]It is a sharing method of a smart card which manages access to a smart 
card by two or more applicationsif a logical channel [ finishing / a logical channel / 
exclusion acquisition ] exists in this smart card with other applications to an exclusion 
acquisition request to a smart card from applicationAs opposed to an access request 
to said smart card from application [ finishing / finishing / exclusion acquisition of this 
application / is used and / application / exclusion acquisition ]A sharing method 
permitting access to this smart card to application [ finishing / application / this 
exclusion acquisition ] when application [ finishing / application / this exclusion 
acquisition ] is already attested from this smart card. 

[Claim 9]They are application including two or more access processings to one smart 
cardor its libraryAn exclusion acquisition request is performed to two or more access 
processingsrespectively at the time of a start of this access processingApplication 
characterized by performing an authentication demand to a smart card which 
exclusion gives a release notice and performs this access processing only at the time 
of processing of the beginning of said two or more access processingsrespectively at 
the time of an end of each access processingor its library. 

[Claim 10]When used by an information processor in which two or more applications 
carry out parallel operationlf a logical channel [ finishing / a logical channel / 
exclusion acquisition ] exists in this smart card with other applications to an exclusion 
acquisition request to a smart card from applicationAs opposed to an access request 
to said smart card from application [ finishing / finishing / exclusion acquisition of this 
application / is used and / application / exclusion acquisition ]When application 
[ finishing / application / this exclusion acquisition ] is already attested from this 
smart cardA recording medium which said information processor which memorized a 
program to which it makes it carry out to said information processor to permit access 
to this smart card to application [ finishing / application / this exclusion acquisition ] 
can read. 

[Claim 1 1]When it performs with an information processor in which two or more 
applications carry out parallel operationlf a logical channel [ finishing / a logical 
channel / exclusion acquisition ] exists in this smart card with other applications to 
an exclusion acquisition request to a smart card from applicationAs opposed to an 
access request to said smart card from application [ finishing / finishing / exclusion 
acquisition of this application / is used and / application / exclusion acquisition ]A 
program which it makes it perform to said information processor to permit access to 
this smart card to application [ finishing / application / this exclusion acquisition ] 
when application [ finishing / application / this exclusion acquisition ] is already 
attested from this smart card. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention]This invention relates to the access control of the smart card 
at the time of [ which is depended on two or more processes of the data on a smart 
card ] sharing. 
[0002] 

[Description of the Prior Art]The use to various fields from the data of very big 
capacity being memorizable as compared with the magnetic card used conventionally 
etc. is consideredor the smart card is put in practical use. 
[0003]The smart card equips the inside with CPU with the memory. 
Since it accesses to the data in a memory via this CPUby making authenticating 
processing perform to CPU at the time of accesshigh security nature can be realized 
compared with the conventional magnetic cardand this point also serves as a merit of 
the smart card. 

[0004]The smart card has a security function by PIN (Personal Identification 
Number)It is possible to control to compare PIN with this functionand to be able to 
access the confidential information in a cardonly when attested. The attestation by 
this PIN is what is called a password input methodthe user using a smart card enters 
a password as PINand it compares within the password and card which have 
memorized this in a smart cardand when in agreementaccess to an in-house data is 
permitted. 

[0005]Access to a smart card is performed through the logical channel which a smart 
card hasand an authentication demand is performed to a logical channel. And the 
smart card holds the states about securitysuch as an authentication state by PINfor 
every logical channel of this. 

[0006]D rawing 15 shows the logical construction inside the smart card seen from 
application. Within the smart carddata is managed by composition of a tree structure 
and DF (Delicated File) is provided in the unit for every application used for the lower 
layer of DIP in the topetc. And in each DFEF (Elementary File) holding actual data is 
stored. When accessing data from a smart cardafter application sends the positioning 
information which shows the position of the data accessed first and moves an access 
position to the target EFit performs read-out/writing of data from the EF. Each 
channel holds the present access position as state information. 
[0007] 

[Problem(s) to be Solved by the Invention]The usage which uses the present smart 
card simultaneously with two or more applications is examined. For examplethe PKI 
(PublicKey Instructure) system which used the public-key crypto system as the base 
is builtWhen two or more applications are working by computer on this systemit is 
considered as the one directions for the present smart card that each application 



uses a smart card for the security authentication by a digital signature etc. 
[0008]In this casetwo or more applications on the computer which connected the 
smart card will share a smart card. And since the number of the logical channels 
which one smart card has is about at most twowhen making much applications access 
to the same cardthe necessity that two or more applications share one logical 
channel comes out. For simplification of explanationthe following explanation in a **** 
specification is premised on one application comprising one processis synonymous 
with a process and uses the word "application." Usuallyalthough one application 
comprises one process in many casesif application is replaced with a process and 
considered even when it comprises two or more processesthe following explanation is 
fundamentally the same. 

[0009]In the security system of the present smart card. If PIN attestation is 

performed to a logical channel with one application and an access permit is 
obtainedfrom the logical channelnot only the application that received attestation but 
other applications will be able to be henceforth accessed until attestation is canceled. 
[0010]If it considers sharing the same information on one card between two or more 
applications from a viewpoint of securityit will become firmer [ it / to perform 
attestation by PIN for each application of every / a security level ]. Howeverin the 
access control to the present smart card. Since attestation is performed for every 
logical channel and an authentication state (was the access permit given or not?) is 
held at each logical channelwhen two or more applications share one logical channellf 
one application performs attestation by PIN and obtains an access permitaccess of 
other applications to a card from the logical channel will be attained without receiving 
attestation by PIN. 

[001 1]As mentioned abovewhen each application accesses the data in a cardafter it 
transmits positioning information to a logical channel and moves an access positionit 
performs writing/read-out of databut. When two or more applications share a logical 
channelas for each applicationgrasp of the access position of KARENTO becomes 
difficult 

[0012]In view of the above-mentioned problemthis invention to access by two or 
more applications (process) by managing the authentication state to a smart card in a 
unified mannerLet it be a technical problem to provide the access control system and 
controlling method of a smart card which give attestation permission to each 
application (process) of every, each application (process) — each time — let it be a 
technical problem to provide the access control system and controlling method which 
are realized without enlarging the overhead according attestation to authenticating 
processing. 
[0013] 

[Means for Solving the Problem]In order to solve the above-mentioned probleman 
access control system of a smart card by this invention manages access to a smart 
card by two or more applicationsand is provided with an exclusive control means and 



an access control means. 

[0014]An exclusive control means will be taken as finishing [ exclusion acquisition of 
this application ]if a logical channel [ finishing / a logical channel / exclusion 
acquisition ] exists in this smart card with other applications to an exclusion 
acquisition request to a smart card from application. The above-mentioned exclusive 
control means registers into cue application which performed this exclusion 
acquisition requestif a logical channel [ finishing / a logical channel / exclusion 
acquisition ] does not exist in this smart card with other applications to an exclusion 
acquisition request to a smart card from application. 

[0015]As opposed to an access request to the above-mentioned smart card from 
application [ finishing / an access control means / application / exclusion 
acquisition ]When application [ finishing / application / this exclusion acquisition ] is 
already attested from this smart cardaccess to this smart card is permitted to 
application [ finishing / application / this exclusion acquisition ]. An access control 
means requires an input of PIN of this applicationwhen not having attested application 
which gained the above-mentioned exclusion from the above-mentioned smart card 
to the above-mentioned access request. Attestation of a smart card by each 
application was performed through this access control meansand an access control 
means grasps attestation relation between each application and a smart card. 
[0016]Since exclusive control to a smart card is performed by exclusive control 
means according to this inventioneven if it shares a smart card with two or more 
applicationsattestation for every application is enabled. 

[0017]It is judged by an access control means whether it is finishing [ attestation of 
application which performed each access request ]and since an access permit is 
given without performing authenticating processing when it is ending with 
attestationthe number of times of authenticating processing is reducible. 
[0018] 

[Embodiment of the Invention]One embodiment of this invention is described 
belowref erring to drawings. In order to give attestation permission for every 
applicationExclusive control is performed to a smart card (it is a logical channel when 
a smart card has two or more logical channels)While one attested application is using 
the smart cardthe application needs to monopolize a card (or logical channeDand 
needs to deter access from other applications. By following embodimentseach smart 
card is considered as composition provided with one logical channel for explanation 
simplification. When a smart card is provided with two or more logical 
channelsexclusive control explained below is performed per logical channel. 
[001 9] D rawing 1 establishes an exclusive control mechanism and shows the case 
where the exclusive operation of the application which accesses a smart card is 
performed. In drawing It he exclusive control mechanism 1 1 is established between 
two or more applications 21 and the smart card 22When requiring access from the 
smart card 22each application 21 performs an exclusion acquisition request to this 



exclusive control mechanism 1 land the application 21 with which exclusion was 
obtained accesses it by monopolizing the smart card 22. The exclusive control 
mechanism 1 1 of the figure has managed the exclusion to access to two cards of the 
cards a and b. And the three applicationsthe application 1the application 2and the 
application 321 have published the access request to the card aand the exclusive 
control mechanism 1 1 is considered as exclusion acquisition to the application 1 of 
themand it changes other applications 2 and 3 into the waiting state until the card a is 
released. The application 1 which gained exclusion performs read-out/writing of 
dataafter performing PIN attestation to the logical channel of the card a. The 
application 21 besides during this period cannot be accessed to the card a. If 
processing of the application 1 is completed and the card a is released nextthe 
application 2 which is in the waiting state will gain exclusionand will access the data 
inside backward [ which performed PIN attestation to the card a ]. Thusby 
establishing the exclusive control mechanism 11 only one application which received 
attestation can be accessed to a smart cardand attestation for every application 21 
can be realized. 

[0020]Since in the case of the method by the composition of this drawing 1 t his smart 
card 22 is monopolized by this application 21 while the one application 21 is using the 
smart card 220ther applications 21 will be in a waiting state until exclusion is 
canceled and the smart card 22 is released. Thereforein this methodthe parallel 
processing performance of two or more applications is badand user-friendliness 
worsens dramatically — the application in a waiting state is visible to the state where 
suspended long period processing and it hung-up. 

[0021]There is a method which releases in detail the smart card 22 which the 
application 21 monopolized as what avoids this when the access processing to the 
smart card 22 was completed. In this methodwhen the application 21 includes the 
access processing to the multiple-times smart card 22exclusion acquisition / release 
to the smart card 22 are performed to the exclusive control mechanism 1 1 for every 
access processingand exclusive control is divided briskly. 

[0022]The example of the exclusion acquisition / release to the smart card of each 
application by this method is shown in drawing 2 . The figure is what shows the 
example of access processing to the smart card of each application when the three 
applicationsthe application Ithe application 2and the application 321 publish an 
access request to the card a like drawing lA s for arrow ** from the exclusion 
acquisition request from each application 21 to the exclusive control mechanism 
Hand the exclusive control mechanism Harrow ** to the exclusive control 
mechanism 1 1 in the said figure shows the notice of the exclusion acquisition to each 
application 21 from the exclusive control mechanism 11. The PIN authenticating 
processing according [ a shadow area ] to each application 21 and a shading portion 
show access processing to the smart card 22. 

[0023]When the application 21 which gained exclusion canceled exclusion and does 



not release the smart card 22 until all the processings were completedTo the position 
of 33 which processing of the application 1 which has already gained the exclusion to 
the card a completes from the position of 31 in drawing 2 which carried out the 
exclusion acquisition request to the card a to the exclusive control mechanism lithe 
application 2 will be in a waiting state until processing of this application 2 completes 
the application 3 from the position of 32. Howeversince another application 21 in the 
period of which exclusion was canceled when the application 21 divided exclusive 
control briskly for every access processingas shown in the figure can access the card 
aThe period which will be in the waiting state for exclusion acquisitionand processing 
stops becomes shortand the parallelism of processing improves. 
[0024]Thusif exclusive control is changed frequentlythe period of the waiting state of 
each application will become shortand the parallelism of processing will improve. 
Howeveras shown in the slash part of drawing 2 each application will need to perform 
setting-out/release processing of an authentication state to the degree of a 
changeand the overhead for it will become large. Since PIN is transmitted when 
obtaining re^permission of attestationeach application 21 will continue holding PIN 
and also produces the problem of security. In order to avoid thisif a user uses the 
degree of authenticating processing with the composition which enters a passwordthe 
overhead of authenticating processing will become large further. 
[0025]The composition in consideration of this point is shown in drawing 3 . In the 
composition of drawing 3 between two or more applications 21 and the smart card 
22The exclusive control mechanism 1 1 is performing the exclusive operation of the 
application 21 which accesses the smart card 22forming the access controller 12 in 
addition to the exclusive control mechanism 1 land managing attestation by the smart 
card 22 of each application 21 in a unified manner by this access controller 12. 
[0026]When each application 21 requires access from the smart card 22if it performs 
an exclusion acquisition request to the exclusive control mechanism 1 1 first and 
exclusion can be gainedit will request the attestation to the smart card 22 from the 
access controller 12 next. And if attestation is obtainedthe data in the smart card 22 
will be accessed. 

[0027]The access controller 12 has an authentication state management tableThe 
authentication state of each application and the smart card 22 is managed about 
between after the application 21 makes a start declaration of the attestation to the 
smart card 22 using this authentication state management table until it notifies 
release of attestation. 

[0028]D rawing 4 is a figure showing the example of composition of an authentication 
state management table. An authentication state management table is a table which 
uses from which smart card 22 each application 21 has obtained attestation now in 
order that the exclusive control mechanism 1 1 may manageand has matched and 
memorized application identification information and attested card information. What 
cannot operate the application with this general identifier in which application 



identification information memorizes an identifier [ meaning / for identifying each 
application 21 ] is usedfor exampleit is added to each process at a process generate 
timeand the process ID which the kernel has managed is used. Or it is good also as 
composition in which the access controller 12 carries out generation addition for an 
identifier one by one to the application 21 which performed the access request to 
access to a smart card. 

[0029]D rawing 4 has illustrated the case where the authentication state of each 
application 21 to the two smart cards 22 of the cards a and b is managedand the card 
with which the application 21 is attested as attested card information to each 
application is recorded. The portion of a blank shows that the smart card [ finishing / 
to the application / attested card information / a smart card / attestation ] does not 
exist. Finishing [ the application 1 / the card a and b both / ending with 
atte static nth e application 2and the application n / un-attesting and the application 3 
/ the card a / attestation ] in the figure all. 

[0030]Each application 21 performs access to the attestation and the smart card 22 
to the smart card 22 via the access controller 12. If there is an access request from 
the application 21 to the smart card 22It is investigated whether it is ending with 
attestation to the smart card 22 in which the application 21 carried out the access 
request with reference to the authentication state management tablelf it has not 
attestedthe demand from the application 21 will be refusedand the input of PIN is 
required of the application 21 and authenticating processing with the smart card 22 is 
performed. If the application 21 is ending with attestationsince the application 21 has 
already obtained attestation permission of the smart card 21 it will permit and perform 
access to the smart card 21. 

[0031]D rawing 5 is a figure showing the flow of processing of the application 21 at the 
time of the application 21 performing access to the smart card 22the exclusive 
control mechanism 1 land the access controller 12. The figure makes the example the 
case where the application 1 accesses to the card aand 1-23 under following 
explanation correspond with the number in drawing 5 . 

1) The application 1 performs an exclusion acquisition request to the exclusive 
control mechanism 1 1 in order to perform the exclusion start to the card a. 

2) To the demand from the application Ithe exclusive control mechanism 11 
investigates whether there is any application exclusion gained to the card aand if 
other applications have already gainedit will register it into the cue of the waiting for 
exclusion. If it is not exclusion acquisition settledexclusion acquisition will be notified 
to the application 1. 

3) The application 1 makes an access start declaration to the card a to the access 
controller 12. 

4) The access controller 12 registers the application 1 into an authentication state 
management table to access start declaration. And the input request of PIN is 
performed to the application 1. When the application 1 is making an access start 



declaration to the card bsince the application 1 is already registered into the 
authentication state management tableit is not necessary to register it into an 
authentication state management table again by the access start declaration to the 
card a. 

5) The application 1 demands the input of a password from a userspecifies PIN from a 
user's inputand requires the attestation to the card a. 

6) The exclusive control mechanism 1 1 notifies PIN to the card aand makes an 
authentication check perform on the card a. 

7) The access controller 12 will register that the application 1 is ending with 
attestation at the card a into an authentication state management tableif attestation 
is obtained as a result of the authentication check by the card a. 

8) The application 1 requires read-out/writing of the data to the card a from the 
access controller 12. 

9) An authentication state management table is searched to read-out/write request 
from the application land if the application 1 is ending with attestationit will access 
the attested card a to the card a. If it has not attestedan error will be notified to the 
application 1. 

10) When one access processing is completed and it cancels monopoly of the card 
athe application 1 notifies release of exclusion to the exclusive control mechanism 1 1. 

11) The exclusive control mechanism 11 deletes the exclusion acquisition to the card 
a of the application 1 registeredand if there is the application 21 otherwise registered 
into the cue of the waiting for the exclusion to the card ait will register exclusion 
acquisition of the application 21. 

12) The application 1 performs processing of those other than the access processing 
to the card a after release of exclusion. Since the exclusion of the card a is released 
in the meantimeother applications 21 can use the card a. 

13) The application 1 will carry out an exclusion acquisition request to the exclusive 
control mechanism 1 1 if the necessity for access to the card a arises again. 

14) finishing [ it investigates again whether the exclusive control mechanism 11 has 
like 2 the application exclusion gained to the card a to the demand from the 
application land / other applications / exclusion acquisition ] already — it is not — if 
— notify exclusion acquisition to the application 1. 

15) The application 1 requires read-out/writing of the data to the card a from the 
access controller 12. 

16) The access controller 12 performs the again same processing as 9. Since it is 
registered into the authentication state management table by 7 at this time that the 
application 1 is ending with attestation at the card acard a hair KUSESU is performed 
as it is. Processing for the number of times 10-16 of the access processing to the 
card a in the application 1 is repeated henceforth. 

17) If all the access processings are completedthe application 1 will notify release for 
the attestation to the card a to the access controller 12. 



18) The access controller 12 deletes the information card a attested from the 
application 1 of an authentication state management table. 

19) The access controller 12 will require attestation release of the card aif an 
authentication state is held and the application 21 attested stops existing until the 
application 21 otherwise attested by the card a stops existing in the authentication 
state management table 13. Therebythe number of times of authenticating processing 
with the same smart card is reducible. 

20) The application 1 notifies the end of access to the smart card 22 to the access 
controller 12. 

21) If the notice by 20 is receivedthe access controller 12 will delete the application 1 
from an authentication state management table. When the application 1 has not ended 
access yet to other smart cards 22 at this timethe application 1 is not deleted from 

an authentication state management table. 

22) The application 1 notifies release of the exclusion of the card a to the exclusive 
control mechanism 11. 

23) The exclusive control mechanism 1 1 performs the again same processing as 
Hand cancels exclusion. 

[0032]D rawing 6 is a figure showing the processing to the smart card of each 
application by the composition provided with the exclusive control mechanism 1 1 and 
the access controller 12 of drawing 3 . The figure has shown processing of the same 
application 21 under the same premise as drawing 2 f or comparison. As compared 
with drawing 2drawing 6 each application 21 It is only performing authenticating 
processing by PIN at the time of the access processing start to the very first card 
aand release processing of the attestation at the time of the very last end of access 
processing to the card a as authenticating processingand the authenticating 
processing for every access processing to the card a which was being performed is 
omitted in drawing 2 . Thereforeas for each application 21the part processing time to 
which authenticating processing was abbreviated becomes short. The period when the 
period when each application 21 monopolizes the card a will also be in the state 
waiting for a part since only the part from which authenticating processing was 
excluded becomes short is shortand may end. Since each application 21 should 
perform PIN attestation to the smart card 22 only once firstif attestation is obtained 
from a cardit can cancel PIN. 

[0033]D rawing 7 is a flow chart which shows processing of the application 21 which 
accesses the smart card 22 by this system. Although the mechanism in which these 
processings are performed can also be made into the application 21 with the 
composition given directlygeneral composition takes the gestalt which realizes these 
processings as a library and includes this library in each application 21. 
[0034]When the application 21 accesses the smart card 22it requests exclusion 
acquisition to the exclusive control mechanism 1 1 first (Step S1)and waits for the 
response from the exclusive control mechanism 11. As a resultprocessing will be 



ended if there is a notice of a purport which cannot gain exclusion from the exclusive 
control mechanism 1 1 for a certain reason (Step S2NO). 

[0035]If there is a notice of an exclusion acquisition success from the exclusive 
control mechanism 1 1 to a request of exclusion acquisition (Step S2YES)a start 
declaration of access to the smart card 22 will be made to the access controller 1 2 
as Step S3 next. 

[0036]Access to this smart card 22 is access to the unattested smart card 22Since 
the attestation to the smart card 22 is requiredwhen the input of PIN is required from 
the access controller 12 (step S4YES)it checks by sending the password which the 
user entered as PIN as Step S8 to the access controller 12and requesting 
authenticating processing. Processing is endedif are attested as a result (step 
S9YES)and processing will be moved to Step S5it will access to a smart card and it 
will not be attested (step S9N0). 

[0037]In step S4since the further authenticating processing does not have necessity 
when this access is access to the smart card 22 which has already obtained 
attestation (step S4N0)access to the smart card 22 is permitted as Step S5and 
read-out/writing of data are performed. 

[0038]An end of the access processing of Step S5 will make an end declaration of 
access to the smart card 22 to the access controller 12 as Step S6. And as Step 
S7release of the exclusion to the smart card 22 is notified to the exclusive control 
mechanism Hand the access processing to the smart card 22 is ended. 
[0039]D rawing 8 is a flow chart which shows the processing of the exclusive control 
mechanism 1 1 to the exclusion acquisition request from the application 21. If the 
exclusion acquisition request from the application 21 to the smart card 22 occursthe 
exclusive control mechanism 11 will judge whether it is ending with exclusion 
acquisition as Step S1 1 with the application 21 of others [ smart card / 22 / of which 
exclusion acquisition was required ] already. If exclusion acquisition by the application 
21 besides the result is not performed (Step S11N0)it registers as finishing 
[ exclusion acquisition of the smart card 22 jexclusion acquisition is notified to the 
application 22 which requiredand processing is ended. 

[0040]If other applications 21 are ending with exclusion acquisition at Step S1 1 (Step 
S1 1 YES)this exclusion acquisition request will be added to the waiting cue for 
exclusion as Step S12and processing will be ended. 

[0041]D rawing 9 is a flow chart which shows the processing of the exclusive control 
mechanism 11 to the notice of release of the exclusion from the application 21. If the 
notice of release of the exclusion from the application 21 to the smart card 22 is 
receivedthe exclusive control mechanism 1 1 will delete the registration as Step S21 
in which the application 21 has been exclusion gainedand will cancel exclusion. 
[0042]And if the application 21 which serves as waiting for exclusion to the smart 
card 22 which investigated the waiting cue for exclusionand of which exclusion was 
canceled exists (Step S22YES}After registering the exclusion acquisition to the smart 



card 22 of the application 21 registered into the head of the waiting cue for exclusion 
and dispatching the smart card 22and if waiting does not exist in the waiting cue for 
exclusion (Step S22NO)processing is ended as it is. 

[0043]D rawing 10 is a flow chart which shows processing of the access controller 12 
to the access request to the smart card 22 from the application 21. To the access 
start declaration from the application 21 as Step SSIthe access controller 12 registers 
the application 21 into an authentication state management tableand registers an 
access request process to the smart card 22. 

[0044]D rawing 11 is a flow chart which shows processing of the access controller 12 
to the access request to the smart card 22 from the application 21. The access 
controller 12 investigates whether the application 21 is already attestation settled 
from the smart card 22 of the access request point with reference to an 
authentication state management table as Step S41 to the access request from the 
application 21. As a resultsince the further attestation does not have necessity if it is 
already ending with attestation (Step S41YES)an access permit is notified to the 
application 21 as Step S45. 

[0045]Since it is necessary at Step S41 to perform authenticating processing if the 
application 21 has not obtained attestation yet (Step S41N0)The input of a password 
is required of the application 21 as Step S42and the authentication check by PIN is 
requested to the smart card 22. As a resultif attestation is obtained from the smart 
card 22an access permit will be notified to the application 21 as Step S45 and 
attestation will not be obtained (Step S43NO)access disapproval is notified to the 
application 21 and processing is ended. 

[0046]D rawing 12 is a figure showing the composition of the system which uses the 
smart card in this embodiment. The access control system 40 which manages 
between the application 41 in this embodiment and the smart cards 42 is constituted 
between the smart card reader 43 and the library 44 of each application 41 and is 
realized in the form mounted in OS as one function of OS. 

[0047]The application 41 performed altogether the authenticating processing and 
access processing to the smart card 42 via this access control system 40and the 
access control system 40 grasps the exchange between each application 41 and the 
smart card 42. If the state of the smart card reader 43 is also graspedfor examplethe 
smart card 42 is extracted from the smart card reader 43the access control system 
40 investigates an authentication state management tableand if there is application 
which the card makes finishing [ attestation ]it will change it into un-attesting. 
[0048]Although the access control system 40 has composition which has 
independently the exclusive control mechanism 11 and the access controller 12 in an 
insideit can also realize these as one functional constitution element. On 
securitysince two or more applications share an access controller and an exclusive 
control mechanismif it realizes in the kernel of OSthey can improve security more. 
[0049]D rawing 13 is a system environment figure of an information processor when a 



computer program realizes the access control of the above-mentioned smart card in 
this embodiment. The information processor which mounted the smart card like 
drawing 13 CPUSIROMThe input/output devices (I/O) 54such as the main memory 
unit 52the auxiliary storage unit 53a displayand a keyboardLAN and WAN by RAMThe 
network connection apparatus 55such as a modem which performs other information 
processors and network connection by a general line etc.a diskit had the smart card 
reader 58 which the medium readers 56 and 1 which read a memory content from the 
portable recording media 57such as magnetic tapethru/or plurality areand mounts the 
smart card 59and these are provided with the composition mutually connected by bus 
60. 

[0050]In the information processing system of drawing 13t he program and data which 
are memorized by the recording media 57such as magnetic tapea floppy (registered 
trademark) diskCD-ROMand MOwith the medium reader 56 are readand this is 
downloaded to the main memory unit 52 or the hard disk 55. And each processing by 
this embodiment can be realized by softwarewhen CPU51 performs this program and 
data. 

[0051 ]In this information processorexchange of application software may be 
performed using the recording media 57such as a floppy disk. Thereforethis invention 
can also be constituted as the recording medium 57 in which computer read-out for 
operating an above-mentioned embodiment of the invention as a computer is 
possiblewhen used not only by the access control system and sharing method of a 
smart card but by computer. 

[0052]As shownfor example in drawing 14 to a "recording medium" In this caseCD- 
ROMThe portable recording medium 76 which can be desorbed to the medium drives 
77such as a floppy disk (or they may be MODVDa removable hard disketc.)The 
memory (RAM or hard disk) 75 grade in the memory measures (database etc.) 72 in 
the devices (server etc.) of the exterior transmitted by network line 73 course or the 
main part 74 of the information processor 71 is contained. The program memorized by 
the portable recording medium 76 and the memory measures (database etc.) 72 is 
loaded to the memories (RAM or a hard disk) 75 in the main part 74and is executed. 
[0053](Additional remark 1) It is an access control system of the smart card which 
manages access to the smart card by two or more applicationsif the logical channel 
[ finishing / a logical channel / exclusion acquisition ] exists in this smart card with 
other applications to the exclusion acquisition request to the smart card from 
applicationAs opposed to the access request to said smart card from the exclusive 
control means made finishing [ exclusion acquisition of this application ] and the 
application [ finishing / application / exclusion acquisition ]The access control system 
equipping the application [ finishing / application / this exclusion acquisition ] with the 
access control means to which access to this smart card is permitted when the 
application [ finishing / application / this exclusion acquisition ] is already attested 
from this smart card. 



[0054](Additional remark 2) If the logical channel [ finishing / a logical channel / 
exclusion acquisition ] does not exist in this smart card with other applications to the 
exclusion acquisition request to the smart card from applicationsaid exclusive control 
meansAn access control system given in the additional remark 1 registering into cue 
the application which performed this exclusion acquisition request. 
[0055](Additional remark 3) Access control system the additional remark 1 
characterized by refusing the demand of this application when said access control 
means has not attested the application which gained said exclusion from said smart 
card to said access requestor given in 2. 

[0056](Additional remark 4) Access control system given in any 1 of the additional 
remarks 1 thru/or 3wherein said access control means manages the attestation 
relation between application and a smart card using the process ID of this application. 
[0057](Additional remark 5) Access control system given in any 1 of the additional 
remarks 1 thru/or 4 when said access control means is extracted [ said smart card ] 
from a smart card readerwherein it changes the application [ finishing / application / 
attestation ] into un-attesting with this ******** smart card. 

[0058](Additional remark 6) When said application carries out multiple-times access 
at said smart cardAn access control system given in any 1 of the additional remarks 1 
thru/or 5 carrying out said exclusion acquisition request to said exclusive control 
means at the time of the start of each accessand carrying out the notice of release 
of exclusion to said exclusive control means at the time of the end of this access of 
each. 

[0059](Additional remark 7) To the exclusion acquisition request to the smart card 
from applicationwith other applicationsif this smart card is already ending with 
exclusion acquisitionsaid exclusive control meansAn access control system given in 
the additional remark 6 using finishing [ exclusion acquisition of the application which 
registers into cue the application which performed this exclusion acquisition 
requestand is registered into said cue to the notice of release of the exclusion from 
said application ]. 

[0060](Additional remark 8) Said access control means receives the notice of 
attestation release of a smart card from applicationAn access control system given in 
any 1 of the additional remarks 1 thru/or 7wherein this attestation release requires 
attestation release of this smart card with this smart card at the time from the last 
application [ finishing / the application / attestation ]. 

[0061](Additional remark 9) It is a sharing method of the smart card which manages 
access to the smart card by two or more applicationsif the logical channel [ finishing 
/ a logical channel / exclusion acquisition ] exists in this smart card with other 
applications to the exclusion acquisition request to the smart card from applicationAs 
opposed to the access request to said smart card from the application [ finishing / 
finishing / exclusion acquisition of this application / is used and / application / 
exclusion acquisition ]A sharing method permitting access to this smart card to the 



application [ finishing / application / this exclusion acquisition ] when the application 
[ finishing / application / this exclusion acquisition ] is already attested from this 
smart card. 

[0062](Additional remark 10) They are application including two or more access 
processings to one smart carder its libraryAn exclusion acquisition request is 
performed to two or more access processingsrespectively at the time of the start of 
this access processingThe application characterized by performing an authentication 
demand to the smart card which exclusion gives a release notice and performs this 
access processing only at the time of processing of the beginning of said two or more 
access processingsrespectively at the time of the end of each access processingor 
its library. 

[0063](Additional remark 1 1) It is a library of application including two or more access 
processings to one smart cardAn exclusion acquisition request is performed to two or 
more access processingsrespectively at the time of the start of this access 
processingThe library of the application performing an authentication demand to the 
smart card which exclusion gives a release noticerespectively at the time of the end 
of each access processingand performs this access processing only at the time of 
processing of the beginning of said two or more access processings. 
[0064](Additional remark 12) When used by the information processor in which two or 
more applications carry out parallel operationlf the logical channel [ finishing / a 
logical channel / exclusion acquisition ] exists in this smart card with other 
applications to the exclusion acquisition request to the smart card from applicationAs 
opposed to the access request to said smart card from the application [ finishing / 
finishing / exclusion acquisition of this application / is used and / application / 
exclusion acquisition ]When the application [ finishing / application / this exclusion 
acquisition ] is already attested from this smart cardThe recording medium which said 
information processor which memorized the program to which it makes it carry out to 
said information processor to permit access to this smart card to the application 
[ finishing / application / this exclusion acquisition ] can read. 
[0065] 

[Effect of the Invention]Since exclusive control to a smart card is performed 
according to this inventioneven if it shares a smart card with two or more 
applicationsattestation of each application units is enabled. 

[0066]Since the attestation relation between each application and a smart card is 
managed in a unified mannerSince authenticating processing will be performed only 
when it is judged whether it is finishing [ the smart card / attestation of the 
application ] and it has not attested if application performs an access request to a 
smart cardThe number of times of authenticating processing can be reducedand the 
overhead by authenticating processing can be made small. Since authenticating 
processing by PIN is performed only once firstthe application does not need to 
continue holding PIN and can aim at improvement in a security level. 



[0067]Access of a smart card is attained among two or more attested 
applicationswith an authentication state held. The application can shorten the waiting 
state period for exclusion acquisition. Thereforethe parallelism of processing can be 
improved and shortening of the processing time of each application can be aimed at 
again. 



DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] It is a figure showing the composition at the time of establishing an 
exclusive control mechanism and performing the exclusive operation of access to a 
smart card. 

[Drawing 2] It is a figure showing the access processing to the smart card of each 
application at the time of the composition provided with the exclusive control 
mechanism. 

[Drawing 3] It is a lineblock diagram at the time of providing an exclusive control 

mechanism and an access controller. 

[Drawing 4] It is a figure showing the example of composition of an authentication 
state management table. 

[Drawing 5] It is a figure showing the flow of processing of the application at the time 
of application performing access to a smart cardan exclusive control mechanismand 
an access controller. 

[Drawing 6] It is a figure showing the access processing to the smart card of each 
application at the time of the composition provided with the exclusive control 
mechanism and the access controller. 

[Drawing 7] It is a flow chart which shows processing of the application which 
accesses a smart card. 

[Drawing 8] It is a flow chart which shows the processing of an exclusive control 

mechanism to the exclusion acquisition request from application. 

[Drawing 9] It is a flow chart which shows the processing of an exclusive control 

mechanism to the notice of release of the exclusion from application. 

[Drawing 10] It is a flow chart which shows processing of the access controller to the 

access start declaration to the smart card from application. 

[Drawing 1 1] It is a flow chart which shows processing of the access controller to the 
access request to the smart card from application. 

[Drawing 12] lt is a figure showing the composition of the system which uses the 
smart card in this embodiment. 

[Drawing 13] It is a system environment figure of an information processor. 

[Drawing 14] It is a figure showing the example of a storage. 

[Drawing 15] It is a figure showing the logical construction inside a smart card. 



[Description of Notations] 

1 1 Exclusive control mechanism 

12 Access controller 
21 and 41 Application 
2242and 59 Smart card 
40 Access control system 
43 and 58 Smart card reader 

51 CPU 

52 Main memory unit 

55 Auxiliary storage unit 

54 Input/output device 

55 Network connection apparatus 

56 Medium reader 

57 Portable storage 
60 Bus 

71 Information processor 

72 Memory measure 

73 Network line 

74 Information processor body (comput( 

75 Memory 

76 Portable recording medium 
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Wk^i-s.Co\tTy')'T-=yay2 1 tig{lc^(73X y'- h- 
* - K2 1 roiSliErFpr^?f Tl^^cOT-XV- Vti-Y2 

[003 11 05tt7'^'J^r— >3>2 1 3e«X-7-h* 

- K2 2'\ro7'-J'HzX^^T3Kros T'yU'ir— >3V2 

<Da(ttl*/T^Lfc0T'««, RI0«7':/''J 1 Kate 

itt^f©1) ~2 3) til215(f'©S^i:3stf5LTl^«„ 

1) 7'r'J1ttA-Ka'N©SlflfiBBi&*eafci6v Pftfi 

2) T'yi; 1 *^6<DSAf?tcS>tLs }lffd3®JM«1 1 

t>- F a [Tin\^mmmm(07'y^j ^r-'y 3 
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3) 1 t*. 7^^^X*lJ^al««1 2lC*-Ka'\<D 

K a w-r 5 T' ^ -t X rjifei:»T'SjSKBEtt!8ea5^- 

6) mmmumm-\ u*^ *-Fatc3>fLP i N^iia 

7) Z-^-tXSW^ttil 2fi. KalCj:«ISiiE5^x 

So 

8) yy<j ^^tT<7^xu&mm^ iioju tj-i^a 

9) T'yU 1 *^6a)M*^aiL/S>i3AS5Rlc3^U KIE 
«H8'eSx-3'"/U^^|gL. Tyj 1 A^lSliEal:^- Fa 
lCigSE;TS*'J5:6«*- Fa icWLTT'-^^rX^tTdo * 

10) 1 OCDT^'f'-tXjiaaA^^TLA-FacDW^^fi? 

1 2) Sffte<^«SS*. 1 tiA-Fa'vroZ'f-feX 

LTt^S(DTHi(^7'7'Uy— >3>2 1 *i«*-Ka«fi| 

1 3) T^yuitJs mmt}-Fa^(Dy->-tx(Oi$i'mtf' 

1 4) yy^J 1 ft^ScDMiRlcWL. SMftSJffli^tlll 1 
2) iilD^I. *-FaH:3[tfL8ffteaif;^<D7'yi;^-v' 

1 5) TZfV 1 tiZ-^-feX^'JiSl^l^l HZMU *-F 

1 6) 2 it. mm 9) tmmrj:mm 

1 FalCiSlI3?*iT'«SC<*:6^g^TmTt^«<7) 



7\ ^£D^^*-Fa^7'•>-trx*^T3o wtT-yui 

F^OD*- Fa'\©r-j7-tXjiaSCDlHl8){»1 0) ~1 6) 
XSiJW^Sl 2lCtl- Fa'\<7)iSiI^(®l^=&ilSD-rS<, 

1 8) 7-?Hzx$ijw«i 2it. mmvimmm^-:r}\/ 
1 9) T'^^-trxsijOT^ii 2W. mtmrnmrny'-zriiy 

1 SlcftStc*- Falu|giii3rtlTt'>SZ:/'J'^— >3 V 

2 1 #i#aL«:<S««TS8IE«fg««^tLs ig§E*n 

Tt^5y'yJ'b— v-ava 1 6'<??SL35:<%5i:*-F 

aizmmmf^^w^-f^o cmcj^uin— cdx^-f* 

- FttOfSIBlBSroiHia^H'J-Mt- 5 s: t 

20) yyvnt. T'>■b7.U0mm^ 2icx^-^-ti 

- F2 2'\(D7<?-trX*«7^ii*Br5o 

2 1) 2 0) T'(Dm%a^Si^f^tT<7■t7.%mmm^ 2 

CDBtT'r'; 1 f-*- F2 2(c5^LT(iS/c 

2 2) Z^U 1 (iSffflj*J8PaMi1 1 {cti- KaroSffftro 

2 3) SPmiJWWl Ilis SSI 1) 

[0032] 1216 lis 113 (Dummmm 1 1 sij-t^ 

JttSrofcA!)!! 2 i: |5| L:fj*g(7)7£T-<7)|5l liT'r U ^-'> a 
> 2 1 OiaaS-.TT LTtfeSo E 6 S-D 2 1 JtRT 5 <!:s 
ST'^'J^— >a>2 Hi. fgSESQSt LTti. -S» 
S]CD*- Fa'NODT'-^-tT.SasrjaSfeBtcOP I NlcJ;;5gS 

immt. —m^m(Dy'>-iixmmmjmzt}-Fa^ 

Ka'\©S7'^'-bXftiS»<OgglI«lS!e«««6* 
a > 2 1 *\ K a LTt^SMBffltgglljiaS*^ 

2 1 X^- h:^- F2 2tcS<t-rSP I NiSII€:g«D 

«P I N^6e^-rsc:<!:6':til3R5o 
[0 0 3 31 E17W. 3|s:v'7.5^/xlcJ;UXV-h*-F 
2 2lC7''?-bX*?T^7':^U'5r— >3>2 1 <^SaS«5^ 

co^'r:?"^u^§zyi;^— >3>2 1 izmiLtsmm^ 

[0 0 3 4] TyiJ^-'y'3y2-\lt. X^-FA-F 
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2 2izT<7-t7.^n5m. ^ rmmmmn 1 1 ^nm 

U^'yysi. NO) ^ JttS^ii^Tf^o 
[0 0 3 5] «tfte!Sf#CDflcSilc3>tU «ffte$yw:^«i 1 
6'*6Sffteai^#fi)t%<Dji5ED6^Wntf (X7^';/rS2s YE 
S) . ^klZT.T'yZfSStLT. T<7■^zXmmmm^ 2 
ICXV- h*- K2 2'\tD7''J'4zXCDMJtfe3:i-^}T^, 

[0 0 3 61 C©7.-7-h*-K2 2'V©7''^-bX#«5|5 
ISiiECDX^- S*- K2 2'\CD7''j7-feXT-fet>. T."?- 
h K 2 2'\©ISaE6';i2^JS:ft46F->-lrX*iJ^ttl«! 1 
2 6^6 P I N<DA*^S5R3-nfcl^ U5^'yyS4. Y 
ES) . X5^'y:/S SiLTP I N i: LTlL-+f ib'^A:^ 

•y7S9. YES) V «lS*Xxy:/'S5JC»LTXT 

S9. NO) . iaa:&*?7f5o 

[0 0 3 71 X7^•yrS4^cJil^T^ C^Z-^-feXft^SE 

lcig8E^?fTt^5X7- h;^- K2 2^CD7'-j7-feXTS 
(X7^'yyS4. NO) . M%^iSiiE^lQS^*^£^S^ 
t^CT. X7'>y:/S5«tLTX-7-h*-K2 2'\©7' 

[0 0 3 8] X7^-yys 5cD7''?-feXia,S6'^ii$7"r« 

TX-7- h*- K2 2^(0T<7-bXam7M^no. 

^LTXy^'^ys? tLX. ^CDXV- K2 2^% 

- K2 2's©7'^'-trXi!lS*il^7-rSo 

[0 0 3 9] HSfi. 7'yU';r-v'3>2 1 A^StOSfffi 

F2 2^(ommmwm^i^^i&^t. mmimmt^ 

1 I*. Xt^-v^S 1 1 iLTs SP«i^^5R?n/cX 
^-h*-K2 2*'i. mcm(DTyiJ^—>3>2HC 

<fcoT»ff6al^#»*T'««)b^«^i:3*^^J|!|JBf■r«o -f-roig 

(Xxy^SI K NO) . ^©X^-h* 

- K 2 2 ^SfWfj^^i LTS» Ls m^^n-^tzT 

y>j 3 > 2 2 LTim^i&Tr 

■So 

[0 0 4 0] $fcX7^-y7S1 1 7fte©7'yU':r— >a 
>2 1 #«SfftSai?«3*;^iiT'»«fi:6f^ (XT^-yys 1 1 . 
YES) , XT^yysi 2,^:LT^:ro^lPfteal^§Mm*» 

[0 04 11 E9{i. 7':/'U"5r— >3>2 1 A^e©»^f6 

-^'■V-hTS-So T'yU-lr-v'g >2 1 A^ex^- h 
K2 2'\<7)?^Mt!3©ft?l^ji*a^gt:)--i)<!:. Sfffl3$yW 



«1 M,t. Xt^-vT'S 2 1 iLT^COZyU'^— >3 V 

[0 0 4 21 ^LTmfm-B^o.-^m<. 

^TZf'J'7—^y^>2^t'^^^tnlt {x^yys2 
2. YES) s Sfffi?f5+i-(05taStcaii*ti.Tt^^ 
T-:fV^-i/By2^(0^<07.'=^-htl-[^'2 2^<0m 
fteal^f LTXV- I- K 2 2 X/\°-y ^ L 
/efts $/i:BMi6?f5+a-lc^f66'<?^ffiL%t:>-tl«' (X 
x'yyS2 2. NO) ?-<0««. SQS'&jl^T-rSo 
[0 0 4 3] m^ 01*. Ty'J'^-'>3>2 1 f^^CDX 

■7- K2 2^<nT<7-b7.mmcMf^y<7-tx^i 
wmm^ 2<D«is^5^-r>'o-^Y-hT-«5o t't^u 

-ir— >a>2 1 A^S^T^^-feXBSiiafimiCj^Ls T'-J'-t 
X»:BI«1 2(i. X5^'y:/'S3 1 i:LTs ISilttSSB 
Sx-^VKcZl/'J'ir— >3>'2 1 €S»L.T. X^- 
h*- K2 2lcMLTZ^'-bX£^yp-bX*S»-r 

[0044] 01 1 it. T-:/V^-i/ay2 1 6^6©X 
^- h*- K2 2'S07'^'-bXS3?lJ:J*-r57'^-feX»J 

mmm^ 2(Dmm^7ji-rya-9^'-hT&^. yyj 
^-'y^y2^t■'e(DT':7■^2xmmctjL. T'-^-trXM 
W«1 2(iX7^'yrS4 1 .hLTISiiEttXI'gSx-^' 
;U^#f«SLT. ■?-©7'yU'{r->/3 >2 1 fl'T'-J^-trXS 
AR5t<DX^- h*- K2 2A^eiffitciSfiE-^T-fe5*^<!:'5 

S4K YES) . SS«SEE«jg^O>0!)T\ XT^y 
:^S 4 5 .hLTT'yU^r— >3>2 1 tCJtLTZ^-feX 

[0 0 4 51 XxyyS4 1T% ^(JiT-f^)*r-'i/By 
2 1 Tb'iS/ifiSiiE^^fTl^Sl^fTJSS^' (XT^'y^S 4 
K NO) . mmmm^''no-S!Mi^^^(r)l:\ X7^>yy 
S 4 2<l:LT7'yiJ'^— >3>2 1 iC/'fxr?- K©A^ 
*S:^U X-7-h*-K2 2tC)(*LTP I NtCcfc^iS 
iiE9^x-y^7^fiSf|-r5o ^<7)^m. X^-h:^3-K2 2 

6^6igSE6'!^#6tltl^^; xx-y ys 4 5 i Lxryj^ 

— > 3 > 2 1 ICJ* LT7''?-bXf»=pr*3l»] L. ^fcsSH 

(Xx'yyS4 3. NO) . 7">-tX 

^Wfsj^yy'j^-'>3y2 1 icHLzm^aLriam^ 

[00461 0121*. *|gfiWK!8lcS$ltSX^- h tl 

BmVOTZf'J'r-'yByA 1 .hXV- h*- F4 2 

0ia«es-r«7'-?-bxsa->X7^z*4of*. x^-h 

tl- KU-'?"4 3 i:S-7':/U';r— >a >4 1 T'"^ 
U4 4<!:©F^lc«^!i6^nv OSro-^ltltLTv S^t^ 

tto s izm^-iti^mTmrn^n^o 

[0 0 4 7] Ty'J^-'>3>4 M,ts XV-h*-K 
4 2te>!^t-r^SSiiE5QS-¥'7'^H2XiaS^. ^X^OiT"? 
-bXgSv'X5"Zx4 0^^>LTfft\ T'-J'-trXgSv'X 
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4 2i:cDP^<D^*;iXy«'fflliLT0>5o ^fcT'^-tXl 
a->X7^^4 0». X^-h*-K'J— Sf4 3<Dtt«lt. 

V- h*- K4 2 6^it6^n^<h, iSfiE:i:<c^'iax-:?vu 
3 >*i'«*n«*isiHi:SM-r«o 

[0 0 4 8] ^fcs 7'-?HzXeS->XxI»4 01*. |*lg|3 

icSffteSiJ^Pi^li 1 1 tT<7^xMmmm^ 2*sij>^tcj# 

^-tXSiJ««-^«ffli!$iJ«i|l«IIStt> ^liCCDT'y'J ^— > 

Hiir 5 i: ^r + a U X -f « J: y lR]±-r 5 d <t A'iT-* 5o 
[0 0 4 9] mi 3 li. *ll)5g^g§lcj5lt5±fBX-=?- 

©«ltCCPU5K ROM. R AMtC<fc5^iB1t^S5 

2. msijnmmmsa. x^-ri^yu-r. +-#-k^© 

A*;':ga ( I /O) 5 4. LAN-^WAN. -llSSJg 

[0 0 5 0] S/ciai 3^)1flBjlD.S->Xx/x7(±, 
§EIXU^B5 6lcJ:y5aac5^-:f, 7a-ytf- (BfiliS 
t'-<X<7. CD-ROM. Mom<oimmw5 7{c 

±fB1iiKg5 2 KxVX-? 5 5 iC-Jf-^VP- 

K-rSo ^•LT*Slfi6JKI8tc«fcSS«vStt. CPU5 1 

6^ c y p ^^'^ X - ^ =&II^T-r « c i: ic J: y . y 7 

[0 0 5 11 $/c, z(Df^m9m^s-^it. yuy\d- 

l|B^<DIIS6«DHJffi(^^tg^ =1 > tfn - ^ icn^-\i:^tcib 

[0 0 5 2] zom-B. mmti^w^ icit. m^im i 

4lC5^x*n5J:3lC. CD-ROM. 70'>tf-5=VX 
•J' (S^lMiMO. DVD. 'Jl^-ny^f\^/\-\i'ir-<7. 

^pJ«lBli!«#:7 6-^. ^.-y h-'7-'>lHl^7 3m^T'm 
fl*n-5^g|5<D:ga (-9— /\») P«g<DfB1t#lg (x— 5? 



^-Xm) 7 2. ^5Wiff$6SaS^S7 1 cD*ft7 4 

rt©/^'; (RAMxij/N-KxVx-?!?) 7 smt"^^ 
*ti5„ qri»§a»«i<*7 6-¥»sii^si (x— Sf^-x 

^) 7 HCtEm^ni:^.^^Zfa<f3Ut. *fls:74F«gcD 
;><=Ei; (R AMXti/X-Kx'TX-i^^) 7 51CP-K* 

[0 0 5 31 («fB1) «i»©7':/'J'^— ^avicj: 
«X7- h:^- K'SOTT'-J'-lrX^esr^X^- h*- 

nmmmys^i- •t^oTi^^T^yu'S— >3>*^6<DtuiB 

[0 0 5 4] «>fsB2) BuiBSMttW^m. yyj 

+i-icasi-r^jii:^!t#^si[i:-r^^xtiBi icibkcot"? 
■fexea->xxAo 

[005 5] (1«f IB 3 ) tuIBT' ^ -t X$ijap#S(*. BU 
iBT'^ -trXg^RlcS't BuiBS^ffi*al^# L/cZT^'J -^r- 
-> 3 >««HulBX^- h K)b^6*ig|IT'»5^. ET' 
T^'J > 3 ><DgA}?«-Jg$6-r ^ d i^ltlJtirsi^lB 

1 Xti2tc|BI8(DZ^HzX'gS->XxAo 

[00 5 6] am 4 ) BuiBT' -fe x$ijffli#iaii. t' 

a5^XxL.„ 

[0 0 5 7] ams) fiuiBZ-^HzX^^ISti. M 
IBXV- h*- K*'^XV- h:^- KU-' J^ J^UtfeA^tifc 
a^. Mt6*^;|arcX^-f-*-KlcJ;UiigiiES3^i:&oT 

t^«7'y u -r— > 3 y^^^mcm^r^ z t.^mwt. 

■rf.^^tiB1 7iM4(Dl,^■rtlAM tClB«©7'^'-bXeS-> 
[0 0 5 81 (f^^iB6) HuST'yj'y— >3 HU 

©MjiSBsicBusagtfi6$ijiai#®icHufBSfffia?i^AR^tT 
mmm^^'i^ozt^mw.t.r^n^Mbm5<oK.-^tti 

AM tCiBe©7''>-trxeSv'XxA„ 
[00 591 (^^tlB 7 ) s5IBSffte$'J^!iP#Sti . T' 7 U 
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* It « t f ^ < ^f IS 6 1 C iB |g -b X -> X 7^ A, 
[0 0 6 0] imBS) BUlBT'^'-trX^Jffll^lSti. T 

hA- K^ciigiiE)S¥l^^*s^r■5^:<i:*i|tal[<l:■r«^^^ie1 

TIjS 7 ©l^-rtlA^ 1 tCfB«(07''>*X«S->X7^L.o 

[006 1] (•ftfB9) ^iSCDT'yiJ'ir— >3>tc=t 
•5X^- h*- K'NOT'-J^-trX^gS-r^XT- h:^- 

F icfteroz :^ 'J — > 3 V ic J: o Tilf tt^o 

mctiL. mnmm'iwmsi-ttji^Ti^^Tzf'j'r-iya 

[0 0 6 2] (f^lBI 0) 1 0(DX-7-h*-K'Na) 

«S3tro7'':'-feXSQS^-^tr7':^U -ir— > 3 
'T^'^'JTS^Ts anatDT'-f-trXiaSlcJ^U ^T''? 

-bxffia<DBflj&i^ic^-ti?^tiji^fftai#Mm^?7t\ ST' 

-j^-fexsoaroiisiTBtic^n^'nsfffitDS^asa l. SuIb 

[0 0 6 3] (l^tia 11) 1 -PXT- h*- K'\<^»« 
iU<D7'-5'-feXi!ia«^^?j7'^U -r— > 3 yto'p^y^^ V 
TSoT. «»(7)Z'?-tX5aSlC«L, I^T^-^-fextoS 

^?t3 XV- h ;b- KlcS-f LTiSliEM3?*ff 5 C t ^It 
m i -r « 7 'J > a ><D ^ 'T y o 
[0 0 6 41 (Mg312) SaODT'y'J^— >3>3«« 

3?l::jt>fU ^XT-h*-Klcfffi<7)Z-7^';'!r->/3>lc 

myzf'j'T—iyay^mimmys^tu nm 

a?#)^*- <*: ^ o TC^^ 7 >r - -> a 6 CDIuiBX V 



[0 0 6 5] 

[5ilB^roa^] ^fgB^tCctnifx xv-h^-Ktcs^-r 

[0 0 6 6] $fcv S7'7''>l'{r-v/3><l:XV-h*- 

(Dx^-hti- I'li'ecDTyj^-'yay^miim^f' 

yj^-'yayit. P I N^figif L«!lt5«g»*^S<x 
[0 0 6 7] MlcXV-h^-Ktt. K!iI«»€-«jtL 

Xi^^mtii^o ^tcyyv^-'yayit. »fftai»© 
-bxo[)Sffftftva^e^fc«-&©«t^*5^-rET»5o 

3 VCOXV- F*- K'\©7''?-bXftiS«g^'riilT'» 

So 

[031 s^f6»jffii«im;&tf7''^-trx$ijap«iti«Kitfcii 
[04] iSii«cHS®Sx-7;uco«^i)6«y^/T^r0T» 

[0 5] Tyv^-'yayti^X^-hti-F'\(Dy<7ir 
-trX»<t«(7)5[iS©aKn^/T"K L/c0TSSo 

[061 spfft*jffl««sif7'-j'-bxiiijapai«*«s^ifc« 

Xj!QS^.TN-r07-»«„ 
[071 X-^-h^-KlCT'-^-bX^fTdT'yj'ir— > 

[081 Tyv^-'y3yf'E>(Dmmm^wmciir^ 
[09] Tro^-'yayf^^cD^imcomummcnt 

[01 0] T'yiJ'^r— >3>6^6cDXV-h*-F'NC0 
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f^P-^V- h7*«o 4 3, 

[01 11 Ty*j^—'ya yj&^erox-?- ha- K's® s i 

P-^^-V- hT^i.o 5 5 

[Ell 2] *IIWJ^lcS$t:f5X^-h*-F^ffiffi-r 5 4 

^v-X^^ACDWfiic^/T^flSlT-feSo 5 5 

[01 3] 1t$B5aSgScD->X7^/:.Sl;g|g|T'JB5, 5 6 

[01 4] M5mmw(om^nktmT&^. s 7 

[0151 XV- h *- Krtffl5a)SSSW«lfil«g^-r0T' 6 0 

7 1 

[?9^«DiJiR«] 7 2 

1 1 mmmmm 7 a 

1 2 7'<7^rx^|Jffl«I^S 7 4 

2 K 4 1 yy'J'^->'B> 7 5 
2 2. 4 2. 5 9 X^-htl-F 7 6 



5 8 XV-h*-K'J— ? 
CPU 



[011 



[021 



J. 



21 



21 



T7*'J 3 



J. 



21 



77-'; n 



^)EW:i^«-frs; 2,3 



.It 



1/22 



[04] 



— 1 


J 


1 


1 1 


1 


1 

1 


1 








=1 


1 "\l 
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21 
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.22 



2Z 



[07] 



— — IIE—^ 



"SI 




S2 




me] 



J 



[EI8] 
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15] 



3 ) ^Ka'NOT^ iz;^IIIMm 



6) PIN*ft*L*-Ka'^«>BlI* 



17) A-KjKvtf>Htt* JW»r 



«)Ar-Ka(citU PEN* a*BL. 
9)BiI«ll»Jlx-::/>ut«l* 



n 5] 



DIR 





1 

DP 

,— , 




DP 


EF 




EF ... EF 


EF 


„. EF 
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[|S|9] 



II 0] 



y-p''} '7- X « Wr « ^1? Pt. a iec k 



♦J «■ flt o jes « € if, 1 7 a- f-i^- K 




,S2I 



SZ3 



S31 



(ED 



lm^ 2] 



1] 



T^'v^r- 73 y t'^r ;i"7- V^-K-^^o 7^■fe::^^^'^- 




S42 




S4e 
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1 JL 




r 7- 


V n 
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44^ 
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